package team.archai.nexus.boot.web.filters;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import team.archai.nexus.boot.auth.constant.AuthConstant;
import team.archai.nexus.boot.auth.exception.ExpiredException;
import team.archai.nexus.boot.auth.exception.InvalidException;
import team.archai.nexus.boot.auth.model.AuthenticatedInfo;
import team.archai.nexus.boot.auth.token.IAuth;
import team.archai.nexus.boot.auth.util.AuthUtil;
import team.archai.nexus.boot.constant.HttpEnum;
import team.archai.nexus.boot.tool.HttpUtil;
import team.archai.nexus.boot.web.response.ResultUtil;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @description: jwt filter JWT接口请求校验拦截器
 * @author: lishibin
 * @create: 2020-07-11 01:59
 **/
public class JWTAuthorizationFilter extends BasicAuthenticationFilter {


    private static final Log log = LogFactory.getLog(JWTAuthorizationFilter.class);

    public JWTAuthorizationFilter(AuthenticationManager authenticationManager) {
        super(authenticationManager);
    }


    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
        String token = request.getHeader(AuthConstant.TOKEN_HEADER);
        //只做token验证 如果为空放行  因为其他的spring security 已经做了
        if (null == token) {
            filterChain.doFilter(request, response);
            return;
        }
        IAuth authInfo;
        try {
            authInfo = AuthUtil.parse(token);
        } catch (ExpiredException e) {
            log.error(e);
            HttpUtil.responseJson(response, ResultUtil.out(HttpEnum.TOKEN_EXPIRED));
            return;
        } catch (InvalidException e) {
            log.error(e);
            HttpUtil.responseJson(response, ResultUtil.out(HttpEnum.TOKEN_INVALID));
            return;
        }
        AuthenticatedInfo principal = authInfo.getPrincipal();
        String username = principal.getSubject();
//        Object userId = principal.getUserId();
//        if (!Tool.isEmpty(username) && !Tool.isEmpty(userId)) {
//            List<String> authList = principal.getPermissions();
//            List<GrantedAuthority> authorities = new ArrayList<>();
//            if (null != authList) {
//                authorities = authList.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList());
//            }
//            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(principal, token, authorities);
//            SecurityContextHolder.getContext().setAuthentication(authentication);
//        }
        filterChain.doFilter(request, response);
    }
}
